Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/AD0FA712C60711ECA38AF363C4F9AE02.roa
File: AD0FA712C60711ECA38AF363C4F9AE02.roa (raw, json)
Hash identifier: jADT5OShbUBDF21W0JvqaJ9T7co9z/47BcrQJ3AZhF4=
Subject key identifier: DC:E6:1F:38:8F:EE:5B:83:88:4A:29:F4:8B:7E:67:48:14:DE:19:C4
Certificate issuer: /CN=A9191B71/serialNumber=4BF3E87CA2B9AB59597620D04FC054118D7ED3D9
Certificate serial: 02
Authority key identifier: 4B:F3:E8:7C:A2:B9:AB:59:59:76:20:D0:4F:C0:54:11:8D:7E:D3:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S_PofKK5q1lZdiDQT8BUEY1-09k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/AD0FA712C60711ECA38AF363C4F9AE02.roa
Signing time: Wed 27 Apr 2022 08:54:42 +0000
ROA not before: Wed 27 Apr 2022 08:54:41 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 132742
IP address blocks: 43.250.188.0/22 maxlen: 22
103.42.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191B71/serialNumber=4BF3E87CA2B9AB59597620D04FC054118D7ED3D9
Validity
Not Before: Apr 27 08:54:41 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=626904d1-4c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c3:2e:58:7b:6b:5d:30:63:08:ca:99:b4:fa:
82:53:0b:ef:0d:cd:e6:57:92:93:01:27:5d:bc:0e:
d2:b4:a9:d5:81:94:14:7c:d3:ae:8d:a9:50:8d:a1:
79:92:85:db:88:da:85:86:0a:0f:97:53:63:7e:f4:
56:2a:7c:93:c7:e6:e5:f8:0c:24:9a:c9:5c:7e:9e:
6f:3f:5e:bf:5f:12:75:61:31:94:e0:49:a0:1a:82:
8f:be:c5:c8:c3:e4:d2:7e:0a:f8:37:f4:b4:25:6c:
c8:c4:bb:a6:9d:eb:2e:df:28:0b:82:16:69:af:33:
b2:70:05:85:2c:45:85:5e:f7:3d:68:ae:68:ea:c3:
08:32:f2:28:7f:34:b6:80:82:2a:a1:d9:2d:73:8d:
7c:a9:08:57:f0:a3:97:e9:53:9c:1f:c8:e8:53:df:
a4:e4:5d:5b:dd:9e:99:28:62:8f:03:4f:0d:6c:4f:
ce:46:58:be:73:70:f5:1c:57:5f:aa:af:af:f5:28:
24:42:eb:0d:c4:3d:98:af:4e:ea:40:42:d8:f4:ff:
b5:a1:d9:08:3c:96:19:a1:1c:a6:6e:0e:d1:09:05:
88:ae:be:fe:5c:74:a9:16:d3:cc:c7:eb:00:cb:f9:
4f:51:e1:84:9c:4c:75:99:3e:5e:a4:5b:a1:38:95:
d5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E6:1F:38:8F:EE:5B:83:88:4A:29:F4:8B:7E:67:48:14:DE:19:C4
X509v3 Authority Key Identifier:
keyid:4B:F3:E8:7C:A2:B9:AB:59:59:76:20:D0:4F:C0:54:11:8D:7E:D3:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/S_PofKK5q1lZdiDQT8BUEY1-09k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S_PofKK5q1lZdiDQT8BUEY1-09k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191B71/B849BA12C60411ECB906915CC4F9AE02/AD0FA712C60711ECA38AF363C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.188.0/22
103.42.36.0/22
Signature Algorithm: sha256WithRSAEncryption
42:10:d8:a0:e0:12:4b:42:28:29:a8:83:c6:dc:e5:bd:99:1a:
d2:59:78:21:14:c5:db:3f:5a:e0:ef:74:9e:87:6b:11:62:08:
ec:43:1c:2d:3b:d0:f1:9a:a1:e5:a2:0b:cc:73:5d:90:c6:49:
7c:28:d7:c7:de:20:60:38:e1:a6:18:0c:77:99:24:0a:52:58:
5b:f6:8b:5f:09:f2:3a:6a:1c:cb:5f:cc:49:cd:67:ba:82:c1:
d8:f6:7b:63:d7:fe:8e:04:82:47:90:b0:8c:67:03:2f:a9:71:
e3:e7:58:56:3a:66:c6:b7:2e:73:1c:84:10:35:16:26:ed:75:
65:b6:98:32:38:17:0c:70:53:f3:df:e0:fe:4b:21:c4:43:40:
c0:53:70:d2:a8:ce:48:96:c8:d1:a0:6e:6c:23:f8:2e:ec:65:
90:79:ef:eb:c1:33:b5:35:0c:65:00:8f:da:c5:13:dd:52:2d:
8c:28:dc:e5:fe:b4:7c:cf:df:6b:89:01:1a:87:e5:a6:2f:3e:
be:d4:11:df:f9:50:4c:dd:76:c3:4c:1a:bd:27:26:cc:84:6a:
b6:67:1c:6e:2a:35:b7:d1:41:f4:5b:86:ab:c0:18:5a:f4:9f:
c7:79:00:08:51:77:37:f0:f8:8e:08:ca:74:66:2f:bf:11:ee:
d3:f1:41:70
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MUI3MTExMC8GA1UEBRMoNEJGM0U4N0NBMkI5QUI1OTU5NzYyMEQwNEZDMDU0MTE4
RDdFRDNEOTAeFw0yMjA0MjcwODU0NDFaFw0yMzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjkwNGQxLTRjNGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzwy5Ye2tdMGMIypm0+oJTC+8NzeZXkpMBJ128DtK0qdWBlBR8066NqVCNoXmS
hduI2oWGCg+XU2N+9FYqfJPH5uX4DCSayVx+nm8/Xr9fEnVhMZTgSaAago++xcjD
5NJ+Cvg39LQlbMjEu6ad6y7fKAuCFmmvM7JwBYUsRYVe9z1ormjqwwgy8ih/NLaA
giqh2S1zjXypCFfwo5fpU5wfyOhT36TkXVvdnpkoYo8DTw1sT85GWL5zcPUcV1+q
r6/1KCRC6w3EPZivTupAQtj0/7Wh2Qg8lhmhHKZuDtEJBYiuvv5cdKkW08zH6wDL
+U9R4YScTHWZPl6kW6E4ldXtAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU3OYfOI/u
W4OISin0i35nSBTeGcQwHwYDVR0jBBgwFoAUS/PofKK5q1lZdiDQT8BUEY1+09kw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkxQjcxL0I4NDlCQTEyQzYw
NDExRUNCOTA2OTE1Q0M0RjlBRTAyL1NfUG9mS0s1cTFsWmRpRFFUOEJVRVkxLTA5
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU19Qb2ZLSzVxMWxaZGlEUVQ4QlVFWTEtMDlrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MUI3MS9CODQ5QkExMkM2MDQxMUVDQjkwNjkxNUNDNEY5QUUwMi9BRDBGQTcxMkM2
MDcxMUVDQTM4QUYzNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAiv6vAMEAmcqJDANBgkqhkiG9w0BAQsFAAOCAQEAQhDYoOAS
S0IoKaiDxtzlvZka0ll4IRTF2z9a4O90nodrEWII7EMcLTvQ8Zqh5aILzHNdkMZJ
fCjXx94gYDjhphgMd5kkClJYW/aLXwnyOmocy1/MSc1nuoLB2PZ7Y9f+jgSCR5Cw
jGcDL6lx4+dYVjpmxrcucxyEEDUWJu11ZbaYMjgXDHBT89/g/kshxENAwFNw0qjO
SJbI0aBubCP4LuxlkHnv68EztTUMZQCP2sUT3VItjCjc5f60fM/fa4kBGoflpi8+
vtQR3/lQTN12w0wavScmzIRqtmccbio1t9FB9FuGq8AYWvSfx3kACFF3N/D4jgjK
dGYvvxHu0/FBcA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-fra.rpki-client.org